OAuth API Reference¶
API reference for OAuth provider endpoints.
GET /oauth/authorize¶
Start OAuth authorization flow.
Query Parameters¶
client_id- Client identifierredirect_uri- Callback URLresponse_type- Response type (code)scope- Requested scopesstate- CSRF protection
POST /oauth/token¶
Exchange authorization code for tokens.
Request¶
grant_type=authorization_code&
code=AUTH_CODE&
redirect_uri=REDIRECT_URI&
client_id=CLIENT_ID&
client_secret=CLIENT_SECRET
Response¶
{
"access_token": "...",
"token_type": "Bearer",
"expires_in": 3600,
"refresh_token": "...",
"id_token": "..."
}
POST /oauth/introspect¶
Inspect token validity.
GET /.well-known/openid-configuration¶
OIDC discovery endpoint.
GET /.well-known/jwks.json¶
JSON Web Key Set (JWKS) endpoint.